GDPR learning and performance support topics:

GDPR learning and performance support topics:

Personal data
  • What is personal data
  • Why is it so important to protect personal data
  • Sensitive personal data
  • Examples of what happens when personal data is not protected
Data processing
  • Data subjects and their rights
  • What do we mean by data processing
  • All the ways in which data is processed
  • GDPR principles of data processing with real life examples
  • Data processing vs data controlling
  • Examples and scenarios of data breaches
Protecting personal data
  • Whose data is it
  • Collecting only the necessary data
  • The importance of transparency
  • What is a SAR and how to recognise it
  • What is the right to be forgotten
  • The role of a Data Protection Officer
Reporting concerns
  • How and when to report a concern
  • Example scenarios which should be reported
Test/Quiz
30+ questions covering all major topics from the course
Checklists
  • Steps to take when receiving a Subject Access Request (SAR)
  • Steps to take when receiving ‘right to be forgotten’ request
  • 7 key GDPR principles of data processing
Data protection by design
  • Data protection by design
  • Examples of data protection by design
  • Scenario: failing to demonstrate data protection by design
Data protection by default
  • What does data protection by default mean
  • Example and consequences
Red flags in design processes
  • Selecting data processors and 3rd party considerations
  • Organisational policy development
  • Enabling user right to be forgotten
  • Reporting data breaches
Checklists
  • Key principles of privacy by design
  • Red flags in an organisation’s IT systems
The effects of GDPR on marketing
  • The importance of public trust
  • Personal data as an important commodity to companies
Processing personal data for marketing purposes
  • How to collect personal data
  • The rights of users whose data is collected and processed
  • Transparency and privacy notice
  • Consent and legitimate interest for data collection
  • Profiling
Checklists
  • 6 lawful bases for data processing under GDPR
  • Dos and don’ts: obtaining consent
Data protection in typical HR processes
  • Individual rights
  • Special category/sensitive data
  • Data processing in recruitment
  • Reporting data breaches
Implications of individual rights in the context of HR processes
  • The right to be informed
  • The right to data rectification
  • The right to access
  • Right to be forgotten
  • Right to restrict processing
Data processing under GDPR
  • Consent or other justification
  • Data retention
Checklists
  • 6 lawful bases for data processing under GDPR
  • What is sensitive personal data?
  • Individual rights: are you ready for these requests?